SafeOnWeb @Work
The Belgian Center for Cybersecurity (CCB) is puting a lot of effort in helping Belgian companies to defend themselves against cyberthreats.
To achieve that purpose, The SafeOnWeb@work initiative has been put in place and provides a whole lot of free cybersecurity content (awareness, frameworks, advices…).
Next to that, the website allows your company to provide emergency contacts that will be contacted by the CCB when they discover indicator of compromises linked to your company.
Analysis from our SOC team
We strongly advice all companies to register their security contact on SafeOnWeb@work.
This way, the CCB can easily contact you when required. The CCB is putting a lot of effort in monitoring the (dark)web to detect potential breaches involving Belgian companies, scan the Belgian IP spaces, etc.
Let’s make sure every company can benefit from that work by registering required information online.
Black Friday is the time to shop, both in-store and online. Cybercriminals are back with all their classics. Be vigilant and don’t click on a link without checking its origin. Make sure the email, offer, publication or text message is legitimate. All too often, phishing is all about the details.
Analysis from our SOC team
While doing your shopping for Black Friday or Cyber Monday, keep in mind that if it’s too good to be true, it certainly isn’t.
Remain vigilant to anything suspicious while doing your online shopping and do not buy from unknown sites.
Don’t hesitate to contact us to make use of the expertise from our awareness team to educate and inform your end users.
Microsoft’s November Patch Tuesday includes four critical and fifty-five important vulnerabilities for a wide range of Microsoft products, Affecting Microsoft Server, and Workstations. Since three vulnerabilities are actively exploited in the wild urgent patching is required.
TA455 is observed abusing CVE-2023-36025,a zero-day security bypass vulnerability in Windows SmartScreen.
An attacker could generate a seemingly legitimate looking but malicious .URL file and distribute it via a phishing email. A user tricked into clicking on the file would land directly on the malicious site or execute malicious code without receiving any of the usual warnings from SmartScreen.
Analysis from our SOC team
As every month, this month security updates for Windows contains high criticality vulnerabilities with some of them already exploited in the wild.
Enforce OS patches on your employee laptops & on your servers to keep them secure.
A pervasive ClearFake campaign targeting Windows systems with Atomic Stealer has expanded its social engineering scams to MacOS users.
A widely popular social engineering campaign previously only targeting Windows systems has expanded and is now using fake browser updates to distribute Atomic Stealer, a dangerous information stealer, to macOS systems.
Analysis from our SOC team
Users of MacOS often think that « there are no malwares on Mac », which actually makes them more vulnerable to those type of malware campaigns.
Just like any other operating system, MacOS need to be protected and monitored. Several EDR are compatible with MacOS such as Microsoft Defender.
Do not hesitate to contact our SOC would you need advice on protecting your assets.
